SEI Launches New Cross-Sector Group to Advance the Practice of Cyber Intelligence

June 19, 2014 • Article

June 19, 2014—Sound cyber intelligence practices can help organizations prevent or mitigate major security breaches. This is why the SEI's Emerging Technology Center has been conducting research on methodologies, processes, technology, and training to help organizations understand what it means to perform this work. To spur further development and advance understanding in this important area, the Software Engineering Institute has launched the Cyber Intelligence Research Consortium, a group that aims to help organizations make better judgments and quicker decisions related to cyber intelligence.

"Recent highly publicized security breaches reinforce the importance of cyber intelligence for any organization, regardless of size and economic sector," said Jay McAllister, a senior analyst in the SEI's Emerging Technology Center and technical lead of the consortium. "But many organizations are operating without a research-verified set of practices. The consortium will help organizations determine how best to excel in this emerging discipline."

The consortium defines cyber intelligence as the acquisition and analysis of information to identify, track, and predict cyber capabilities, intentions, and activities to offer courses of action that enhance decision making.

Organizations are joining the Cyber Intelligence Research Consortium to focus on improving the methodologies, processes, tools, and training that influence their cyber intelligence efforts. Members will address these topics by participating in a cyber-threat baseline activity to identify common challenges, interactive workshops to showcase relevant technologies, and a capture-the-flag event to hone their analytical skills. The consortium also will produce how-to guides to help members successfully navigate key intelligence practices and technologies.

The consortium's membership currently consists of practitioners and decision makers from multiple sectors, including government, energy, banking, defense contracting, and academia. New members may join at any time.

The consortium is an outgrowth of the SEI Cyber Intelligence Tradecraft Project, which sought to advance cyber intelligence capabilities by elaborating on best practices and prototyping solutions to shared challenges. In 2012 and 2013, 30 organizations provided information on their cyber intelligence methodologies, technologies, processes, and training. The resulting data showed that organizations excelled in their cyber intelligence work by effectively balancing the need to protect network perimeters with the need to look beyond them for strategic insights. The SEI developed several analytical products to show how anyone can accomplish this balancing act, including a summary of key findings report, how-to-guides, and a white paper on training and education.

Further advances in cyber intelligence are expected from the consortium.

"One of the main benefits of joining the Cyber Intelligence Research Consortium," said McAllister, "is being able to contribute to and leverage best practices from different economic sectors. We believe the consortium is uniquely positioned, because of its proximity to government, industry, and academia, to significantly influence the practice of cyber intelligence."